    <?php
    include 'dbc.php';
    session_start();
	$username=protect($_POST['username']);
	$password=protect($_POST['password']);
	$confirm=protect($_POST['passconf']);
	$email=protect($_POST['email']);
	$i=0;
	if(!$username){
    $errors[$i] = "Username is not defined!";
	$i++;
    }
     
    if(!$password){
    $errors[$i] = "Password is not defined!";
	$i++;
    }
     
    if($password){
    if(!$confirm){
    $errors[$i] = "Confirmation password is not defined!";
	$i++;
    }
    }
     
    if(!$email){
    $errors[$i] = "E-mail is not defined!";
	$i++;
    }
     
     
     
    if($username){
    if(!ctype_alnum($username)){
    $errors[$i] = "Username can only contain numbers and letters!";
	$i++;
    }
     
    $range = range(1,32);
    if(!in_array(strlen($username),$range)){
    $errors[$i] = "Username must be between 1 and 32 characters!";
	$i++;
    }
    }
     
    if($password && $confirm){
    if($password != $confirm){
    $errors[$i] = "Passwords do not match!";
	$i++;
    }
    }
     
    if($email){
    $checkemail = "/^[a-z0-9]+([_\\.-][a-z0-9]+)*@([a-z0-9]+([\.-][a-z0-9]+)*)+\\.[a-z]{2,}$/i";
    if(!preg_match($checkemail, $email)){
    $errors[$i] = "E-mail is not valid, must be name@server.tld!";
	$i++;
    }
    }
	for ($z=0;$z<12;$z++)
	{   if (isset($errors[$z]))
		echo $errors[$z]." <br />";
		
	}
	if (!isset($errors[0]))
	{
		
			$query="INSERT INTO users (username,password,email) VALUES ('$username','$password','$email')";
			mysql_query($query,$con) or DIE ("Username \"$username\" is already taken, please choose another one");
	$_SESSION['username']=$username;
	header('Location: main.php');	
	}
	else
	{
	for ($z=0;$z<12;$z++)
	{   if (isset($errors[$z]))
	{
	$svar="error".$z;
		$_SESSION[$svar]=$errors[$z];
	}
	header('Location: registration.php');
	}
	}
	
	
	mysql_close();
	
	?>